-rw-r--r-- | lib/Makefile.am | 4 | ||||
-rw-r--r-- | lib/crypto.c | 2 | ||||
-rw-r--r-- | lib/gnutls_dh_primes.c | 2 | ||||
-rw-r--r-- | lib/gnutls_pk.c | 78 | ||||
-rw-r--r-- | lib/gnutls_pk.h | 23 | ||||
-rw-r--r-- | lib/pk-generic.c | 104 | ||||
-rw-r--r-- | lib/pk-generic.h | 28 | ||||
-rw-r--r-- | lib/pk-libgcrypt.c | 2 | ||||
-rw-r--r-- | lib/x509/privkey.c | 2 |
9 files changed, 106 insertions, 139 deletions
diff --git a/lib/Makefile.am b/lib/Makefile.am
index 25f7b41949..1cb440c02c 100644
--- a/lib/Makefile.am
+++ b/lib/Makefile.am
@@ -83,7 +83,7 @@ COBJECTS = gnutls_record.c gnutls_compress.c debug.c gnutls_cipher.c \
 auth_rsa_export.c ext_server_name.c auth_dh_common.c \
 gnutls_helper.c ext_inner_application.c \
 gnutls_supplemental.c crypto.c random.c pk-libgcrypt.c mpi-libgcrypt.c \
- pk-generic.c rnd-libgcrypt.c cipher-libgcrypt.c mac-libgcrypt.c
+ rnd-libgcrypt.c cipher-libgcrypt.c mac-libgcrypt.c
 if ENABLE_OPRFI
 COBJECTS += $(OPRFI_COBJECTS)
@@ -104,7 +104,7 @@ HFILES = debug.h gnutls_compress.h defines.h gnutls_cipher.h \
 ext_srp.h gnutls_srp.h auth_srp.h auth_srp_passwd.h \
 gnutls_helper.h auth_psk.h auth_psk_passwd.h \
 ext_inner_application.h gnutls_supplemental.h ext_oprfi.h \
- crypto.h random.h pk-generic.h
+ crypto.h random.h
 # Separate so we can create the documentation
diff --git a/lib/crypto.c b/lib/crypto.c
index 346aee5bf3..1a5ca213e0 100644
--- a/lib/crypto.c
+++ b/lib/crypto.c
@@ -27,7 +27,7 @@
 #include <gnutls/crypto.h>
 #include <crypto.h>
 #include <gnutls_mpi.h>
-#include <pk-generic.h>
+#include <gnutls_pk.h>
 #include <random.h>
 #include <gnutls_cipher_int.h>
diff --git a/lib/gnutls_dh_primes.c b/lib/gnutls_dh_primes.c
index 24de606684..7c03da1c07 100644
--- a/lib/gnutls_dh_primes.c
+++ b/lib/gnutls_dh_primes.c
@@ -28,7 +28,7 @@
 #include <x509_b64.h> /* for PKCS3 PEM decoding */
 #include <gnutls_global.h>
 #include <gnutls_dh.h>
-#include <pk-generic.h>
+#include <gnutls_pk.h>
 #include <gnutls/crypto.h>
 #include "x509/x509_int.h"
 #include "debug.h"
diff --git a/lib/gnutls_pk.c b/lib/gnutls_pk.c
index 51728a3003..38acbb33b5 100644
--- a/lib/gnutls_pk.c
+++ b/lib/gnutls_pk.c
@@ -37,7 +37,6 @@
 #include <x509/x509_int.h>
 #include <x509/common.h>
 #include <random.h>
-#include <pk-generic.h>
 /* Do PKCS-1 RSA encryption.
 * params is modulus, public exp.
@@ -510,3 +509,80 @@ _gnutls_dsa_verify (const gnutls_datum_t * vdata,
 return 0; /* ok */
 }
+
+/* some generic pk functions */
+static
+int _generate_params(int algo, mpi_t * resarr, unsigned int *resarr_len, int bits)
+{
+gnutls_pk_params_st params;
+int ret;
+unsigned int i;
+
+ ret = _gnutls_pk_ops.generate( GNUTLS_PK_RSA, bits, ¶ms);
+
+ if (ret < 0) {
+ gnutls_assert();
+ return ret;
+ }
+
+ if (resarr && resarr_len && *resarr_len > params.params_nr) {
+ *resarr_len = params.params_nr;
+ for (i=0;i<params.params_nr;i++)
+ resarr[i] = params.params[i];
+ } else {
+ gnutls_assert();
+ return GNUTLS_E_INVALID_REQUEST;
+ }
+ return 0;
+}
+
+
+
+int _gnutls_rsa_generate_params (mpi_t * resarr, unsigned int *resarr_len, int bits)
+{
+ return _generate_params( GNUTLS_PK_RSA, resarr, resarr_len, bits);
+}
+
+int _gnutls_dsa_generate_params (mpi_t * resarr, unsigned int *resarr_len, int bits)
+{
+ return _generate_params( GNUTLS_PK_DSA, resarr, resarr_len, bits);
+}
+
+int _gnutls_pk_params_copy( gnutls_pk_params_st* dst, mpi_t* params, int params_len)
+{
+int i,j;
+ dst->params_nr = 0;
+
+ dst->params = gnutls_malloc( sizeof(mpi_t)*params_len);
+ if (dst->params == NULL) {
+ gnutls_assert();
+ return GNUTLS_E_MEMORY_ERROR;
+ }
+
+ for (i=0;i<params_len;i++) {
+ dst->params[i] = _gnutls_mpi_set( NULL, params[i]);
+ if (dst->params[i] == NULL) {
+ for (j=0;j<i;j++)
+ _gnutls_mpi_release( &dst->params[j]);
+ return GNUTLS_E_MEMORY_ERROR;
+ }
+ dst->params_nr++;
+ }
+
+ return 0;
+}
+
+void gnutls_pk_params_init( gnutls_pk_params_st* p)
+{
+ memset( p, 0, sizeof(gnutls_pk_params_st));
+}
+
+void gnutls_pk_params_release( gnutls_pk_params_st* p)
+{
+unsigned int i;
+ for (i=0;i<p->params_nr;i++) {
+ _gnutls_mpi_release( &p->params[i]);
+ }
+ gnutls_free( p->params);
+ p->params = NULL;
+}
diff --git a/lib/gnutls_pk.h b/lib/gnutls_pk.h
index 09367e34b0..890b7e5b19 100644
--- a/lib/gnutls_pk.h
+++ b/lib/gnutls_pk.h
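Review bot: `_generate_params` in lib/gnutls_pk.c ignores its `algo` argument, because the call to `_gnutls_pk_ops.generate` hard-codes `GNUTLS_PK_RSA`; `_gnutls_dsa_generate_params` therefore asks the backend for RSA parameters as well. Passing the argument through fixes it: `ret = _gnutls_pk_ops.generate( algo, bits, &params);` (the last argument shows up as `¶ms` on this page, presumably an entity-decoding artefact for `&params`). The `else` branch of the same function returns `GNUTLS_E_INVALID_REQUEST` without releasing the freshly generated `params`, so private key material stays allocated on that path; releasing it before the return would close that, assuming the backend allocates the array the way `_gnutls_pk_params_copy` does. `gnutls_pk_params_release` also leaves `params_nr` untouched after setting `params` to NULL, so a second call would walk a NULL array, and adding `p->params_nr = 0;` makes it safe to repeat. All of this is carried over unchanged from the deleted lib/pk-generic.c.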
@@ -25,6 +25,29 @@
 #ifndef GNUTLS_PK_H
 # define GNUTLS_PK_H
+extern int crypto_pk_prio;
+extern gnutls_crypto_pk_st _gnutls_pk_ops;
+
+#define _gnutls_pk_encrypt( algo, ciphertext, plaintext, params) _gnutls_pk_ops.encrypt( algo, ciphertext, plaintext, params)
+#define _gnutls_pk_decrypt( algo, ciphertext, plaintext, params) _gnutls_pk_ops.decrypt( algo, ciphertext, plaintext, params)
+#define _gnutls_pk_sign( algo, sig, data, params) _gnutls_pk_ops.sign( algo, sig, data, params)
+#define _gnutls_pk_verify( algo, data, sig, params) _gnutls_pk_ops.verify( algo, data, sig, params)
+
+inline static int
+_gnutls_pk_fixup( gnutls_pk_algorithm_t algo, gnutls_direction_t direction, gnutls_pk_params_st* params)
+{
+ if (_gnutls_pk_ops.pk_fixup_private_params) return _gnutls_pk_ops.pk_fixup_private_params(algo, direction, params);
+ return 0;
+}
+
+int _gnutls_pk_params_copy( gnutls_pk_params_st* dst, mpi_t* params, int params_len);
+void gnutls_pk_params_release( gnutls_pk_params_st* p);
+void gnutls_pk_params_init( gnutls_pk_params_st* p);
+
+int _gnutls_rsa_generate_params (mpi_t * resarr, unsigned int *resarr_len, int bits);
+int _gnutls_dsa_generate_params (mpi_t * resarr, unsigned int *resarr_len, int bits);
+
+/* The internal PK interface */
 int _gnutls_pkcs1_rsa_encrypt (gnutls_datum_t * ciphertext,
 const gnutls_datum_t * plaintext,
 mpi_t * params, unsigned params_len,
diff --git a/lib/pk-generic.c b/lib/pk-generic.c
deleted file mode 100644
index 5c2a3511ea..0000000000
--- a/lib/pk-generic.c
+++ /dev/null
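Review bot: The declarations moved into lib/gnutls_pk.h use `gnutls_crypto_pk_st`, but the `# include <gnutls/crypto.h>` that the deleted pk-generic.h carried is not added in this hunk. Unless the header already pulls it in outside the lines shown, gnutls_pk.h now depends on include order in every file that switched from `<pk-generic.h>`; adding `# include <gnutls/crypto.h>` right after the guard keeps it self-contained. Separately, the four `_gnutls_pk_*` macros call through `_gnutls_pk_ops` without the NULL check that `_gnutls_pk_fixup` applies to its slot, so a one-line comment stating that `encrypt`, `decrypt`, `sign` and `verify` are mandatory for any registered backend would document that assumption.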
@@ -1,104 +0,0 @@
-/*
- * Copyright (C) 2008 Free Software Foundation
- *
- * Author: Nikos Mavrogiannopoulos
- *
- * This file is part of GNUTLS.
- *
- * The GNUTLS library is free software; you can redistribute it and/or
- * modify it under the terms of the GNU Lesser General Public License
- * as published by the Free Software Foundation; either version 2.1 of
- * the License, or (at your option) any later version.
- *
- * This library is distributed in the hope that it will be useful, but
- * WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
- * Lesser General Public License for more details.
- *
- * You should have received a copy of the GNU Lesser General Public
- * License along with this library; if not, write to the Free Software
- * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301,
- * USA
- *
- */
-
-#include <gnutls_int.h>
-#include <gnutls_errors.h>
-#include <pk-generic.h>
-#include <gnutls_num.h>
-
-static
-int _generate_params(int algo, mpi_t * resarr, unsigned int *resarr_len, int bits)
-{
-gnutls_pk_params_st params;
-int ret;
-unsigned int i;
-
- ret = _gnutls_pk_ops.generate( GNUTLS_PK_RSA, bits, ¶ms);
-
- if (ret < 0) {
- gnutls_assert();
- return ret;
- }
-
- if (resarr && resarr_len && *resarr_len > params.params_nr) {
- *resarr_len = params.params_nr;
- for (i=0;i<params.params_nr;i++)
- resarr[i] = params.params[i];
- } else {
- gnutls_assert();
- return GNUTLS_E_INVALID_REQUEST;
- }
- return 0;
-}
-
-
-
-int _gnutls_rsa_generate_params (mpi_t * resarr, unsigned int *resarr_len, int bits)
-{
- return _generate_params( GNUTLS_PK_RSA, resarr, resarr_len, bits);
-}
-
-int _gnutls_dsa_generate_params (mpi_t * resarr, unsigned int *resarr_len, int bits)
-{
- return _generate_params( GNUTLS_PK_DSA, resarr, resarr_len, bits);
-}
-
-int _gnutls_pk_params_copy( gnutls_pk_params_st* dst, mpi_t* params, int params_len)
-{
-int i,j;
- dst->params_nr = 0;
-
- dst->params = gnutls_malloc( sizeof(mpi_t)*params_len);
- if (dst->params == NULL) {
- gnutls_assert();
- return GNUTLS_E_MEMORY_ERROR;
- }
-
- for (i=0;i<params_len;i++) {
- dst->params[i] = _gnutls_mpi_set( NULL, params[i]);
- if (dst->params[i] == NULL) {
- for (j=0;j<i;j++)
- _gnutls_mpi_release( &dst->params[j]);
- return GNUTLS_E_MEMORY_ERROR;
- }
- dst->params_nr++;
- }
-
- return 0;
-}
-
-void gnutls_pk_params_init( gnutls_pk_params_st* p)
-{
- memset( p, 0, sizeof(gnutls_pk_params_st));
-}
-
-void gnutls_pk_params_release( gnutls_pk_params_st* p)
-{
-unsigned int i;
- for (i=0;i<p->params_nr;i++) {
- _gnutls_mpi_release( &p->params[i]);
- }
- gnutls_free( p->params);
- p->params = NULL;
-}
diff --git a/lib/pk-generic.h b/lib/pk-generic.h
deleted file mode 100644
index 5aad5853c3..0000000000
--- a/lib/pk-generic.h
+++ /dev/null
@@ -1,28 +0,0 @@
-#ifndef GNUTLS_PK_GENERIC_H
-# define GNUTLS_PK_GENERIC_H
-
-# include <gnutls/crypto.h>
-
-extern int crypto_pk_prio;
-extern gnutls_crypto_pk_st _gnutls_pk_ops;
-
-#define _gnutls_pk_encrypt( algo, ciphertext, plaintext, params) _gnutls_pk_ops.encrypt( algo, ciphertext, plaintext, params)
-#define _gnutls_pk_decrypt( algo, ciphertext, plaintext, params) _gnutls_pk_ops.decrypt( algo, ciphertext, plaintext, params)
-#define _gnutls_pk_sign( algo, sig, data, params) _gnutls_pk_ops.sign( algo, sig, data, params)
-#define _gnutls_pk_verify( algo, data, sig, params) _gnutls_pk_ops.verify( algo, data, sig, params)
-
-inline static int
-_gnutls_pk_fixup( gnutls_pk_algorithm_t algo, gnutls_direction_t direction, gnutls_pk_params_st* params)
-{
- if (_gnutls_pk_ops.pk_fixup_private_params) return _gnutls_pk_ops.pk_fixup_private_params(algo, direction, params);
- return 0;
-}
-
-int _gnutls_pk_params_copy( gnutls_pk_params_st* dst, mpi_t* params, int params_len);
-void gnutls_pk_params_release( gnutls_pk_params_st* p);
-void gnutls_pk_params_init( gnutls_pk_params_st* p);
-
-int _gnutls_rsa_generate_params (mpi_t * resarr, unsigned int *resarr_len, int bits);
-int _gnutls_dsa_generate_params (mpi_t * resarr, unsigned int *resarr_len, int bits);
-
-#endif
diff --git a/lib/pk-libgcrypt.c b/lib/pk-libgcrypt.c
index e61fed68a3..f0b3087bed 100644
--- a/lib/pk-libgcrypt.c
+++ b/lib/pk-libgcrypt.c
@@ -37,7 +37,7 @@
 #include <x509/x509_int.h>
 #include <x509/common.h>
 #include <random.h>
-#include <pk-generic.h>
+#include <gnutls_pk.h>
 #include <gcrypt.h>
 /* this is based on code from old versions of libgcrypt (centuries ago)
diff --git a/lib/x509/privkey.c b/lib/x509/privkey.c
index 64eb5dfb04..e1973f2a97 100644
--- a/lib/x509/privkey.c
+++ b/lib/x509/privkey.c
@@ -32,7 +32,7 @@ #include <gnutls_x509.h> #include <x509_b64.h> #include <x509_int.h> -#include <pk-generic.h> +#include <gnutls_pk.h> static int _gnutls_asn1_encode_rsa (ASN1_TYPE * c2, mpi_t * params); int _gnutls_asn1_encode_dsa (ASN1_TYPE * c2, mpi_t * params); |